| Contact Information | |
| Name: | Dave Druitt |
| Email: | dcdave (at) att (dot) net [email concealed] |
| Location: | Any, Virginia, United States |
| Resume | |
| Position/Title: | CSO |
| Resume: |
Summary of Professional Experience Fluent Spanish-speaker/reader/writer with much experience and business contacts in Latin America. Open to relocation south (FL, CA, Latin America). Wide-ranging and comprehensive 20 year career in Network (LAN, WAN, ATM, BROADBAND, FRAME RELAY, ROUTER, LOAD-BALANCING, ROUTER, HIGH-AVAILABILITY, INTRANET, EXTRANET, etc.) and SECURITY Engineering, Team Management, Teaching/Training (SANS Speaker), systems software and applications engineering, from mainframe and minicomputer to microcomputer environments. Experienced in a wide variety of systems and network operating systems. Specialist in Network, Internet, Intranet, UNIX, WINDOWS XP,MILLENIUM, 2000 and NT Security Administration; HIPAA; ORACLE and other Database security; Information Security, Troubleshooting, Penetration Testing, Security Assessment, Global Emergency Response, Intrusion Detection, Forensics, Backups, Disaster Recovery, shell-scripts, applications development and centralized and distributed databases. Experienced with management of Pro-Serv teams, business development of and planning, developing, prototyping, implementing, marketing, and training for Users, Sales Teams, and teams of Professionals in Network, System, and Internet Security, distributed processing and relational databases. Started ‘best web page on securing wireless in the world’ (http://securingwireless.intranets.com currently being moved). Maintain a mailing list with hundreds of clients and other parties interested in condensed security news. IMPORTANT: Equally at ease interfacing with machines and people (English language and other cultures). Professional Experience: Chief Security Officer (CSO). Infosec Group/GINICORP. September 2002 – Present Security Advisor/Senior Security Lead/Project Director, International Region – Certification and Accreditation Programs (C&A) for Federal and State Government Agencies. Managing Client Security Projects, Risk/Threat management, Mitigation, ST&E, Standards based (DITSCAP, NIACAP, NIST, FISMA, OMB-A130, FIPS, ISO17799, ITIL, CMM, etc)., Security Assessments, Security Design and Implementation of solutions, Developing Business, Training and Knowledge Transfer for personnel (both client and corporate), conducting sales demonstrations, pilots and evaluations, and translating user security requirements into hardware, software, and communications architecture. Helped write NIST standards. Ongoing support of Clients, Teaching Security Certification and other. Certified to teach Security classes in English and/or Spanish. Security Services/Solutions for the United States, any other global location necessary. Worked standing up United States Federal Security Operations Center (USFEDSOC), as Service Delivery Manager with TS1. Worked in Washington DC Government in Office of Chief Technology Officer City-wide IT Security, standing up DC government Security Operations Center (DCSOC). 10% travel, as well as various Federal Government Agencies in Certification and Accreditation efforts. Senior Intelligence Analyst; Associate/III, PSAP National Security Team. Booz-Allen & Hamilton. March 2001 – September 2002 Security Advisor/Senior Security Lead/Project Director, International Region – Managing Client Security Projects, Security Assessments, Security Design and Implementation of solutions, Developing Business, Training and Knowledge Transfer for personnel (both client and corporate), conducting sales demonstrations, pilots and evaluations, and translating user security requirements into hardware, software, and communications architecture. Ongoing support of Clients. Advisor/Administrator of complex Windows and WINDOWS 2000 environments, with Active Directory and/or LDAP authentication management and VPN/WLAN environments, Teaching Security Certification and other Classes in English and/or Spanish. Security Services/Solutions for the United States, any other global location necessary, AND Latin America. 80% Billable, 10% travel. Senior Security Specialist; VP, Latin Americas, Service Delivery Manager, Asia; Professional Services. – Grace International Consulting (www.graceic.com). November 2000 – March 2001 Security Advisor/Senior Security Lead/Project Director/Regional Service Delivery Manager, Asia Region – Managing Client Security Projects, Security Assessments, Security Design and Implementation of solutions, Developing Business, Training and Knowledge Transfer for personnel (both client and corporate) in upgrading and security administration of Unix, IBM, Vax, and WINDOWS 2000 environments, with and without Active Directory and/or LDAP user registration and authentication schemae, conducting sales demonstrations, pilots and evaluations, and translating user security requirements into hardware, software, and communications architecture. Ongoing support of Clients. Teaching Security Certification and other Classes in English and/or Spanish. Security Services/Solutions for the United States, any other global location necessary, AND Latin America. 220% Billable, 100% travel. Senior Security/Systems Engineer, Program Manager, Latin American Projects, Team Leader Professional Services. – Network Solutions (NSI/Verisign). May 2000 – Oct. 2000 Start-up Security Division Team Leader – Managing as Pro-Serve Team Leader, Client Security Projects, Security Assessments, Security Design and Implementation of solutions, Training personnel (both client and NSI) at many different levels, creating and conducting sales presentations, pilots and evaluations. Creating Marketing material, Deliverables, Project Flow, other pertinent documentation and Vision. Teaching Certification Classes in English and/or Spanish. Security Services/Solutions for the United States, any other global location necessary, AND Latin America. BILLABLE CONSULTING as well as considerable Business Development and Intellectual Capital Development Senior Security/Systems Engineer, Manager, Latin American Operations, Professional Services. – Internet Security Systems (ISS). July 98 – May 2000 Pre- & Post-Sales and Engineer, Manager – Managing Client Security Projects, Security Assessments, Security Design and Implementation of solutions, TRAINING personnel (both client and ISS) creating and conducting sales demonstrations, pilots and evaluations, and translating user automation and security requirements into hardware, software, and communications requirements and solutions. Ongoing support of Clients, including evaluating or implementing security administration in Windows and WINDOWS 2000 Environments,. TEACHING Certification Classes in English and/or Spanish. Business Development, Mentoring, Marketing, Security Services/Solutions for the Central Region of the United States, any other global location necessary, AND Latin America. BILLABLE CONSULTING Senior Security/Systems Engineer - Gradient Technologies, Inc. July 97 – June 98 · Pre- & Post-Salesman and Engineer – assess relevant security needs, conducting sales demonstrations, pilots and evaluations, and translating user automation and security requirements into hardware, software, and communications requirements and solutions. Sales for the SouthEast Region of the United States AND the Federal Government. BILLABLE CONSULTING Senior Security/Systems Engineer - Axent Technologies, Inc. July 96 – June 97 · Pre- & Post-Sales Engineer and Technician – SECURITY ASSESSMENTS, sales demonstrations (won $4mil contract), installations, and translating user automation requirements into hardware, software, and communications requirements and solutions. BILLABLE SECURITY CONSULTING. · TRAINING - developing and revising training courses and conducting formal classroom courses, workshops, seminars, marketing presentations, deliverables, and/or computer-based training. · Systems Analyst - analyzing computer systems, security, protocols, computer operations, and interfaces; programming and database structuring and management; and evaluating computer test plans and procedures. · Installation Support - organizing and directing hardware and network installations, assessing current site network configuration and user requirements, designing and optimizing network topologies, preparing specifications for hardware acquisitions, and troubleshooting at customer sites. · Security Analyst - up to the minute CERT SECURITY Alert implementation of solutions in Lab and at customer sites. Senior Systems Engineer/UNIX Specialist - Sysorex Information Systems, Inc. Sept 94 - Jun 96 · Bid and Proposal Documents - technical team Senior Engineer for analysis and sourcing of products in response to Government RFPs. Vendor interaction, benchmarking, SECURITY and systems design and integration, technical writing. · Lab Team Leader - product evaluation, benchmarking, technology upgrade testing. · Intergroup Committee - Senior Engineer designing, evaluating and implementing Internet connectivity for the entire company and each office. This included - Novell Server-based windows application implementation and CC:Mail implementation, network design and implementation, TCP/IP configuration for PPP connection to ISP, Domain Name Service, design and implement Home World-Wide Web Page(s) using HTML hypertext and graphics programming, internet E-Mail, Shell-scripting for menus and utilities. · Knowledge of Federal Government business, SECURITY REQUIREMENTS, and contacts Systems Engineer - AT&T/NCR Federal Systems Division (TMAC) Jan 92 - Sept 94 · Systems Engineering Team – bid development, product evaluation and real systems integration/kernel modifications resulting in development of LEVEL B1 MULTI-COMPARTMENTED SECURE Operating System and apps · Systems Integration/Systems Support Team - Tier III support, on-line and on-site problem determination and resolution, technical supervision of installations and Task Order work, including special task order work for custom configurations. Working with customers, technicians, and manufacturers/vendors to resolve issues. · Technical supervision of major installations of equipment on-site. · Customer Interface and Satisfaction - resolve technical issues regarding customer application interface with products. Systems Engineer - Resolution Systems Corporation Jan 90 - Jan 92 · Structured analysis and design of large-scale relational systems incorporating LANs and telecommunications. · Expert programming/analysis, systems engineering, technical consulting support, implementation of an optical processing, document management database system. Software Engineering Consultant/Independent Contractor: 'Jaunte Services, Inc. 1990 · Designed and developed databases and their applications using IBM PC AT. 'The Ultimate Corporation 1989 · VP Unix Division, Senior Unix Product Specialist - pre- and post-sales, troubleshooting, contract negotiations, product evaluation and testing, communications work, application conversions, team management and training, and systems integration. 'AT&T Bell Laboratories 1987-1989 · Digital Analysis Cross-Connect Switch (DACS II) · Systems integration and analysis for software system involving telephone switching capability and load building using NMAKE, SCCS, CMS, ECMS, and Windows on DEC UNIX V.3. · Pegesus Project - classified development work on application tracking in-house phone systems database implementation using ACCEL/UNIFY on UNIX 3B2 platform. · Medical Ventures Project - design and operation of subsystem comprising archiving of medical images to laser disc. · Developmental work on AT&T 3B2x UNIX System V.3 Kernal and driver design optimization. 'Intertech International 1986 · Office procedures analysis, conversion to computer, database design, prototype and development on NCR Tower32 systems. · Analysis, design, and prototyping of systems. · Training in Spanish on site in Caracas, Venezuela 'Digital Analysis Corporation 1985 · Systems Analyst - Air Force Association project - working with clients to develop management information systems 'Pre-1985 · Various ASSEMBLER, FORTRAN, and COBAL positions Technical Specialties: Certifications: CISSP, GIAC, Verisign Certified PKI Administrator, CheckPoint Certified Administrator, Internet Security Certifications Trainer in IDS, Analysis, Wireless Security, Database Security, Application Security, Business Continuity, Security Metrics, and Security Policy/Procedure. Software: Various Security Software packages (both vendor and freeware); including but not limited to ISS: Internet Scanner, Database Scanner, System Scanner, RealSecure, AXENT: ESM, ITA UPM, Single-Signon products; NetAss: Cybercop Scanner, Monitor, Sting, others; Checkpoint (and other firewalls), McAfee, Norton, RACF, ACF2, NetBus, Nmap, NetCat, BackOrifice, SubSeven, Netwatcher, Blackice, many more…; SVR4.0(Trusted) MCW B1; C, C++, Bourne Shell, Korn Shell (expert), C Shell, NT 3.x, NT 4.x (NDS), W2000, Netware 4.x, Windows, ORACLE, INFORMIX, INGRES, SYBASE, OSI, UNIFY, DBIII & IV, SCSS, BTRIEVE AND C-ISAM, UNIX, HPUX, SOLARIS, ULTRIX, AIX, XENIX, PICK, IV-PHASE, PC/MS-DOS, X-WINDOWS (X11R4), ETHERNET, ARPANET, INTERNET, TOKEN RING, TCP/IP, X.25, NFS AND FTP, UNIPLEX, WORD, WORDPERFECT, EXCEL, NROFF-TROFF, UNIX SVR4/MLS, 386ix, PYRAMID Dcosx. Special Skills: Started ‘best web page on securing wireless in the world’ (http://securingwireless.intranets.com) (currently moving to new site). Maintain a mailing list with hundreds of clients and other parties interested in condensed security news. Fluent in Spanish. Conversant in French, Italian, Portuguese, and Indonesian. Affinity for foreign language learning and training. Ability to manage by leading. Ability to communicate with all levels from coding engineers to CEO. Rare talent at being equally at ease with machines and people. References Available Upon Request |
